Good Data Protection compliance is not just a legal obligation; it also demonstrates that an organisation takes a responsible attitude to the information it holds about the people it works for, the people it works with and the people who support the work.

Most voluntary organisations are aware of how their responsibilities changed on 25th May 2018 under the General Data Protection Regulation (GDPR), and have taken steps to comply.

At the same time, changes in the way fundraising and direct marketing are regulated mean that all charities have had to review their current practice.

Now that things have settled down it is a good opportunity to review the position, identify any gaps, learn from experience and consolidate your Data Protection practice.

This course will:

• Ensure that all participants are confident about the basics of Data Protection, both now and in the future
• Put Data Protection in context – looking at its relationship to confidentiality, for example
• Explain fully the changes that GDPR introduced and how the new requirements might be met
• Explore in detail the issues that will particularly affect small- and medium-sized charities
• Explore the options available to charities in their fundraising and direct marketing activities
• Enable participants to draw up an action plan

Who should come (orgs / people / roles):

The course does not require any prior knowledge of Data Protection. It is most suitable for people who have some responsibility for Data Protection, either at the organisational level (especially if they have been designated the organisation’s Data Protection Lead - including Trustees & CEOs) or as a team or department manager. Fundraisers, communications officers, database managers and people with a compliance role should find it particularly useful.

3 reasons why people would come

1. In the past charities may have thought they would get an easy ride from the Information Commissioner. Not any more. If you don’t understand your organisation’s obligations, the result could be enforcement action, up to and including heavy financial penalties.
2. There was a lot of misinformation around GDPR, and some organisations may not have followed the best course of action. The session will dispel rumours; the material is rooted in a thorough understanding of the text of GDPR itself and what it means.
3. Data Protection is really about people, not data. People – and the issues they face – are interesting. (And it’s always good to talk things through with people in the same boat)

Book here